[Grok-dev] Authorization issue With grokproject created instance and wsgi

Uli Fouquet uli at gnufix.de
Thu Mar 5 03:56:01 EST 2009

Hi there,

Michael Haubenwallner wrote:

> Martijn Faassen wrote:
> > Hey,
> > 
> > zope at kevinkal.com wrote:
> >>   I've come across a slightly annoying issue when working with grokproject.
> >>
> >>   With a new project, I  'bin/paster serve etc/debug.ini', open the 
> >> browser to localhost:8080 and receive an unauthorized error.
> > 
> > We haven't had action on fixing it though, so thanks for reminding us! 
> > Does this exception formatting middleware really not allow us to exclude 
> > certain exceptions?

Yes, that would really be interesting.
> > If not, I think we should change debug.ini so it doesn't include the 
> > middleware anymore - too bad no exception formatter for now.

The middleware debugger is the whole point in the debug.ini-story, isn't

> Same debug.ini works fine with zopeproject.
> It simply calls @@login.html.

Don't know what you mean by 'it calls @@login.html'. Projects setup by
`zopeproject` just display a plain _public_ default view for the ZODB
root object. Such you get a link to @@login.html displayed.

If you try to fetch for instance 'localhost:8080/@@contents.html'
directly you get the same problem as with Grok.

> Maybe we could look into what exactly happens inside grokui.admin?

There is nothing special with grokui.admin. It only registers a default
view, which redirects to another view ('applications') that requires
zope.Manage permissions. That's it. You will have the same problems
without grokui.admin, when you install an application with protected
views and try to browse this.

Currently the default view of grokui.admin redirects to 'applications'
view. We could make it display a more or less empty, public entry page
with a link to @@login.html. This wouldn't fix the actual problem, but
most new users would not get stuck on initial use of debug.ini.

What we could do also is to display a hint on the commandline, that with
the debugger people should login using @@login.html.

Best regards,


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://mail.zope.org/pipermail/grok-dev/attachments/20090305/4c49550b/attachment.bin 

More information about the Grok-dev mailing list